Support Center

Question

KanishkM2601

Member since 2022

1 post

Intersystems Corporation

Posted: Oct 17, 2023

Last activity: Apr 23, 2024

Posted: 17 Oct 2023 17:54 EDT
Last activity: 23 Apr 2024 8:12 EDT

Solved

SHA 256

Report

I have an endpoint that is pinged by a web hook I have set up.

One of the parameters in the header of this incoming request is my client secret hashed with the message body using SHA 256.

What is the best way to authenticate such requests? I don't see any options for SHA-256 in Pega 8.7.3 that supports hashing my client secret with the message body.

To see attachments, please log in.

Pega Sales Automation 8.7

Java and Activities

Solutions Engineer

Reply
Likes (3)

Kanishk Mittal Vlad S. Leonte Norbert Hresko
Share this page Facebook Twitter LinkedIn Email Copying... Copied!

Accepted Solution

Posted: 11 months ago

Updated: 11 months ago

Posted: 8 Apr 2024 8:25 EDT
Updated: 23 Apr 2024 8:12 EDT

MarijeSchillern

MOD

replied to KanishkM2601

Report

@KanishkM2601 does the information in the below post help at all?

Does Pega offer any support for Conjur API

In Pega 8.x, you can use the Token Profile and pxGenerateJWT activity to generate JWT tokens. You can specify the signature algorithm in the Token Profile, and the activity generates the JWT token accordingly. However, if you need to use a specific hashing algorithm like SHA-256 that is not available OOTB, you may need to write custom Java code to achieve this.

⚠ This is a GenAI-powered tool. All generated answers require validation against the provided references.

Reg Signing a message with RSA SHA 256 algorithm using a private Key

BYOK encryption Private Data requirements > AES Private data key encryption specification

Client Authentication using JWT Token(Pega 8.4)

View reply inline

To see attachments, please log in.

Posted: 1 year ago

Posted: 21 Mar 2024 6:10 EDT